Latest Malware Attacks and Threats 2018

Malicious software (malware) isn’t going anywhere. Last year, it was reported that a new malware specimen emerged every 4.2 seconds. With the recent attack in Atlanta that has crippled the city, people are more and more aware of the importance of cybersecurity. For 5 days, a ransomware attack has completely shut down the municipal government in one of the worst cyber-attacks against an American city. People are still unable to pay bills and tickets online or access Wi-Fi at the airport, and the city has even stopped taking employment applications.

The group responsible for the attack, SamSam, normally hits companies where the ransom is much less than the cost of potential downtime. It is estimated that in 2018, SamSam has extorted more than $1M from 30 organizations.

With cyber criminals becoming more advanced, cybersecurity has never been more needed. Can your company survive 5 days of downtime? How are you, a business focused on serving your customer/client base, supposed to contend with that?

For one, by staying informed. You don’t need to become an expert on malware (that’s why we’re here), but it is a good idea to be aware of the latest threats so that you can prepare for what most experts will tell you is an inevitable attack on your organization. Only by being informed can you be equipped to respond.

New Malware Threats That Your Business Needs to Prepare For in the Year Ahead

1. MS Office as a Carrier

This is a scary one for most businesses given the longstanding reliance on MS Office products in the workplace. The number of cybercriminals using MS Office documents as carriers to deliver malicious payloads in enterprise systems is on the rise. Data shows that malware attacks leveraging MS Word documents grew by 33% by the end of 2017, and this is expected to grow in 2018.

How exactly is this being accomplished? Features of MS Office documents such as Dynamic Data Exchange (DDE) and Excel Scriptlets (a Microsoft XML wrapper that lets scripting languages register themselves as COM objects and execute) can help create the vulnerability. Have you ever seen the prompt stating “this document is protected, enable editing to view content”? When a hacker has delivered the document and a user enables editing, the infection chain begins.

2. Mobile Malware

Most organizations associate malware attacks with their in-house computer systems and laptops. But one of the biggest targets today (and tomorrow) is found in the pockets of your staff. Mobile devices will be a focal point for cybercriminals from here on in. Think about it: the number of mobile phone users in the world is expected to pass the five billion mark by 2019 and, at the moment, Android devices and iPhones have emerged as a primary work tool for many. Hackers are well aware of this popularity and are thus exploiting all vulnerabilities.

For example, a few months ago, global law firm DLA Piper was a victim of the Petya ransomware attack. Over 3,500 lawyers in 40 countries were without smartphone access for 24 hours and without access to their email for nearly a week. It took the firm nearly two weeks to regain access to a large portion of their data. While law firms are among the top 5 targets for hackers, every organization needs to take note. The days of BYOD (bring your own device) need to come to an end.

If a business expects staff to be online while remote, bring their work with them via mobile downloads, and/or communicate with team members via messaging apps, etc., then it’s time to take control of the situation by issuing company smartphones. These devices must be fully equipped with updated security measures. If BYOD for work is permitted, at the very least employees should be required to install usage monitoring and malware detection apps on their devices.

While any mobile device is vulnerable (Apple included), it should be noted that Android's open platform approach (and popularity) has made it a logical target for hackers. With so many versions and device manufacturers of Android out there, there is a greater opportunity for exploitation. This is backed by McAfee’s recently reported increase in overall mobile malware due to a corresponding rise in Android screen-locking ransomware. If your company insists upon using Android to outfit staff with a mobile working solution, stick to one secure version/device.

3. Cryptocurrency Mining

This isn’t what you think. While it’s true that if your business accepts cryptocurrency, you should be very concerned about the rise in crypto-coin heists around the world, cryptocurrency mining presents a whole other concern for your enterprise.

Cryptocurrency mining is the process by which transactions are verified and added to the public ledger (the blockchain) and also the means through which new cryptocurrencies are released. The process requires the aggregating of recent transactions into blocks and attempting to solve a complex puzzle. The miner who first solves the puzzle gets to place the next block on the public ledger and redeem the rewards. These rewards include transaction fees connected to the transactions occurring in the blockchain, in addition to receiving newly released cryptocurrencies. Sound complicated? It can be, but what you need to know is that in order for cryptocurrency miners to do what they do, they need to gain access to a proverbial ton of hardware, server space, and electricity.

Unethical cryptocurrency miners have recently discovered that the cheapest way to power their practice is to hijack the power and storage space that someone else is paying for, and that resides within the data centers of many businesses and organizations.

This unauthorized form of cryptocurrency mining can result in the shutdown of your company’s servers and applications. In addition, given that an unethical miner has already infected your systems with cryptocurrency mining malware, they can also release other forms of malware, including ransomware. After all, why would they stop at just stealing your power when they can hold your data for ransom to boot?

Don’t think for one minute that this unique concern is a far-fetched threat to your business. As of the end of the first quarter of 2018, cryptocurrency mining malware is now as lucrative as ransomware for hackers. Cybercriminals will go where the money goes and they have no qualms about using your organization to piggyback their way to it.

We’re seeing one of the biggest leaps in the evolution of malware here in 2018. There’s only one way for your company to hedge the risk of the fast-growing threat, and that is to secure the services of an IT provider that is dedicated to around-the-clock monitoring of your cybersecurity systems. Contact Fully Managed today.